Last week, Googleโs Project Zero, a team of security analysts tasked with finding zero-day vulnerabilities, discovered one of the largest reported iPhone hacks to date – hacks that sources close to the matter later said were likely part of a Chinese state-sponsored attack targeting the Uighur Muslim community in the countryโs Xinjiang region.
In its response to this incident, Apple ignored the probable privacy and human rights violations perpetrated by the Chinese government and instead used its statement on the matter as an opportunity to criticize Googleโs Project Zero – a free service that Google provides to help companies find bugs and vulnerabilities in their products.
In the statement, Apple acknowledges that the attack โaffected fewer than a dozen websites that focus on content related to the Uighur communityโ – an acknowledgement that suggests Apple is also aware of the reports that the hacks were likely linked to the Chinese state. However, thereโs no direct mention of China anywhere in the statement.
Instead, Appleโs statement largely focuses on protecting its brand and on how it believes the original Google post created the โfalse impressionโ of โmass exploitationโ and stoked โfear among all iPhone users that their devices had been compromised.โ It makes two main claims when pushing back against Googleโs report:
- The attack was narrowly focused and not broad as Google implies
- The websites distributing malware that enabled iPhones to be hacked were operational for around two months and not two years as Google had implied
Apple has long touted that it believes โprivacy is a fundamental human right.โ However, when it comes to China, Appleโs actions often donโt match this mantra.
Chinaโs use of the internet to censor information and surveil its citizens is well documented with many human rights and digital rights groups raising awareness of how the Chinese state often uses the internet against its people. Chinaโs targeting of the Uighur Muslim community in the countryโs Xinjiang region through the internet is particularly notorious with the Electronic Frontier Foundation (EFF) describing it as โthe worldโs laboratory for internet repressionโ – a reference to Chinaโs history of imprisoning bloggers and online publishers in the area, quarantining the internet in the region, and engaging in other oppressive practices.
Despite the overwhelming number of examples showing how China uses the internet to oppress its people, Appleโs drive to grow its business in the country has led to it consistently turning a blind eye to these human rights violations and making decisions that help the Chinese government censor content and spy on its citizens.
In 2017, Apple bowed to pressure from Beijing cyber regulators and removed virtual private network (VPN) services from its app store in China. VPNs are a valuable tool for Chinese users which allow them to protect their privacy by hiding their browsing activity from state surveillance operations and also bypass the โGreat Firewallโ of China – a firewall that blocks access to many international sites inside the country.
In 2018, Apple moved the operation of its iCloud service in China to a state-run company – a decision that made it easier for Chinese authorities to surveil Chinese Apple customers through the data they store in their iCloud account which often includes text messages, emails, and other personal communications.
In June of this year, Apple started censoring Chinese language podcasts in China during the same week as the thirtieth anniversary of the Tiananmen Square massacre. And in April, Apple Music complied with demands from the Chinese government to remove a famous song from the Hong Kong singer Jacky Cheung which mentioned the Tiananmen Square massacre.
